CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5389 – CVE-2018-5389
https://notcve.org/view.php?id=CVE-2018-5389
06 Sep 2018 — The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode, however, only an online attack against PSK authentication was thought to be feasible. This vulnerability could allow an attacker to recover a weak Pre-Shared Key ... • https://blogs.cisco.com/security/great-cipher-but-where-did-you-get-that-key • CWE-521: Weak Password Requirements •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2006-2298
https://notcve.org/view.php?id=CVE-2006-2298
10 May 2006 — The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked daemon crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. • http://secunia.com/advisories/20050 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2006-1646
https://notcve.org/view.php?id=CVE-2006-1646
06 Apr 2006 — The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in the Shoichi Sakane KAME Project racoon, as used by NetBSD 1.6, 2.x before 20060119, certain FreeBSD releases, and possibly other distributions of BSD or Linux operating systems, when running in aggressive mode, allows remote attackers to cause a denial of service (daemon crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-003.txt.asc •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2005-3666
https://notcve.org/view.php?id=CVE-2005-3666
18 Nov 2005 — Multiple unspecified format string vulnerabilities in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of information in the original sources, it is likely that this candidate will be REJECTed once it is known which implementations are actually vulnerable. • http://jvn.jp/niscc/NISCC-273756/index.html •
CVSS: 9.1EPSS: 1%CPEs: 1EXPL: 0CVE-2005-3668
https://notcve.org/view.php?id=CVE-2005-3668
18 Nov 2005 — Multiple buffer overflows in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts related to denial of service, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of information in the original sources, it is likely that this candidate will be REJECTed once it is known which implementations are actually vulnerable. • http://jvn.jp/niscc/NISCC-273756/index.html •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3667
https://notcve.org/view.php?id=CVE-2005-3667
18 Nov 2005 — Multiple unspecified vulnerabilities in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts related to denial of service, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of information in the original sources, it is likely that this candidate will be REJECTed once it is known which implementations are actually vulnerable. In addition, since "denial of service" is an impact and not a vulnerabilit... • http://jvn.jp/niscc/NISCC-273756/index.html •